8adb70a74d3d625639db023a90701d2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8adb70a74d3d625639db023a90701d2c_JaffaCakes118
Size

143KB
MD5

8adb70a74d3d625639db023a90701d2c
SHA1

0eb51164fdb425c914e0dc1f5f3e27bd396669ef
SHA256

71d231d0c7cd2d639e41c660da2d9e61d2d1cece08a2b0346cd1130bf4c7ee02
SHA512

92cd9d4be751e4c19091b481cca33ff74b22ce07780265c820e147b4ac6e6fbf266bc2f4fcc9686796989ab27453c68cbe4157c6eb01aabaa5533bb210c60609
SSDEEP

3072:CKgKsjF09neCuNnQdJxRGaKq6hCtCn9cL98XRI8SsashT:fgZjAn+1QpkLVhCsnesnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8adb70a74d3d625639db023a90701d2c_JaffaCakes118

Files

8adb70a74d3d625639db023a90701d2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a30c906ad5031e0a0a0e6c99b95da8ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\zwZQPKwVjt\wEhbOjsZTfXndd\juRwxCKcVb\KzJetUOpn.pdb

Imports

shlwapi

StrToIntA

comctl32

PropertySheetA
ImageList_AddMasked
ImageList_Read
CreatePropertySheetPageA
PropertySheetW

gdi32

CreateCompatibleBitmap
SetTextColor
BeginPath
GetBitmapBits
GetTextExtentPoint32W
LineDDA
GetViewportOrgEx
RectInRegion
ExtTextOutA
EnumFontFamiliesW
StartPage
GetMapMode
RoundRect
GetTextAlign
DeleteObject
SetRectRgn
CreatePenIndirect
SetPaletteEntries
Escape

user32

GetCaretPos
AdjustWindowRect
GetDlgItemTextW
TabbedTextOutW
GetKeyState
ShowScrollBar
RegisterClassW
DrawMenuBar
OpenIcon
SetFocus
OffsetRect
AdjustWindowRectEx
CopyRect
LoadStringA
DefWindowProcA
GetForegroundWindow
TileWindows
BeginPaint
AttachThreadInput
LoadBitmapA
GetWindowRect
GetMenu
PostMessageW
GetUpdateRect
TranslateAcceleratorA
SendMessageW
CreateCaret
GetDoubleClickTime
RegisterWindowMessageW
GetWindow
CreateDialogIndirectParamW
EnumThreadWindows
SwitchToThisWindow
CheckDlgButton
SetWindowLongW
InvalidateRgn
WindowFromPoint
SendMessageA
CopyImage
SendDlgItemMessageA
IsWindowEnabled
CloseDesktop
SetRectEmpty
DrawIconEx

kernel32

FindResourceW
GetModuleFileNameA
GetModuleHandleW
SetWaitableTimer
CompareStringA
GetStringTypeExW
GetBinaryTypeA
lstrcpyW
GetFileAttributesExW
GetLocalTime
GetPriorityClass
FindResourceExW
lstrcmpiW
GetUserDefaultLCID
SetFileApisToOEM
GetFullPathNameA
GetSystemDirectoryA
SetFileAttributesA
GetStdHandle
GetDateFormatA
lstrlenA
FindClose

msvcrt

wcspbrk
_controlfp
floor
__set_app_type
__p__fmode
fwrite
rand
towlower
__p__commode
wcscmp
_amsg_exit
_initterm
atoi
_acmdln
srand
fflush
exit
_ismbblead
strrchr
_XcptFilter
_exit
wcslen
mbtowc
_cexit
sprintf
__setusermatherr
__getmainargs

Exports

Exports

?PutObjectOld@@YGPAHPAF*Z
?CallCharOriginal@@YGPAXG*Z
?KillProcessA@@YGPAXPAGDK*Z
?HideSection@@YGFEEPAFPAM*Z
?SetDateTimeOld@@YGGJMPAF*Z
?CrtDateTimeA@@YGPAJPAFPA_N*Z
?SendClassOriginal@@YGPAGDDGI*Z
?InsertStateW@@YGPAHPAKPAEE*Z
?IsNotListW@@YGGKMPAHF*Z

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 1024B - Virtual size: 701B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a30c906ad5031e0a0a0e6c99b95da8ec

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comctl32

gdi32

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.ditxt Size: 512B - Virtual size: 496B

.dimp Size: 3KB - Virtual size: 2KB

.dbug Size: 512B - Virtual size: 28B

.dbg Size: 512B - Virtual size: 78B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 1024B - Virtual size: 701B

.dcode Size: 13KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 93KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.ditxt
Size: 512B - Virtual size: 496B

.dimp
Size: 3KB - Virtual size: 2KB

.dbug
Size: 512B - Virtual size: 28B

.dbg
Size: 512B - Virtual size: 78B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 1024B - Virtual size: 701B

.dcode
Size: 13KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 93KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB